Back-up? Yeah I got one… I think
With the ever increasing amount of data we have to manage in healthcare, backing it up can sometimes fall off our radar. We get so busy healing sick patients that our digital infrastructure doesn’t come to the forefront of our mind. Hopefully in your HIPAA and Compliance manuals you have set out good usage policies and part of that is a backup plan. A current backup of your data is vital in today’s world.
Let’s talk about what threatens our data. We all think about viruses and malware infecting our systems and stealing data. Good usage policies, appropriate firewalls, and an anti-virus can help defend you in this area. A new type of computer malware is called RansomWare. This is a file that infects your computer and requires you to pay someone a fee to release your files. Many times you are stuck because anti-viruses don’t work on these. You can either pay the fee or revert to a clean back up if you have one. But the biggest vulnerability is people. Doctors or staff click on a web link in an email or visit a web page and, in violation of the policy, become infected.
Are you thinking, those are all about the internet but you are talking about backups? All of those internet issues can cause your practice management system to become corrupt, infected or held for ransom. So can your office handle any of those things happening to your network or your computer?
Many times backups become necessary due to hardware failures. Sometime hard drives or computers break. The data may or may not be accessible when it does happen. The other thing that occurs is a natural disaster or an accident. If your office is involved in a flood, a fire or a storm do you have a secure offsite data back up in case your onsite data is no longer useable? You are responsible for that data and information and you need a plan as to how you are going to protect it. How quickly can you recover from a disaster? If you performed your Security Risk Analysis for HIPPA you had to address this issue.
There are many types of backups out there. You can back up your data live by having 2 hard drives mirror each other. This protects you from hardware issues, but if your data becomes corrupted you have 2 copies of corrupted data. You can do a daily back up of the data and keep a weeks’ worth or a months’ worth of data. This allows you to go back to a specific day and restore your data. You may have a hybrid of both types of backup in your office. But one point that many offices don’t take into consideration is what you are backing up. Is your backup complete and is it useable data?Many times offices find issues in the backup system when they are restoring the data and it doesn’t work. You need to not only back up your data but also check the integrity of that data to ensue you are backing it up when you want and the backup contains all the data you need.
Now you have a backup. Where do you keep it? Do you store the data in the cloud? How about a thumb drive you take home? Do you take the laptop with the data on it home with you every day? All of these could work, but the security of the data must be ensured. Drives need to be encrypted and thumb drives and computers pass worded. Security becomes a big issue when you leave the physical safeguards of your office.
As a chiropractor this process may not be within your knowledge set. You need to find an IT vendor that can help you with this process and ensure HIPPA compliance. Backing up your data is a complex multifaceted problem. You have to develop a system that is secure and compliant. This article is by no means an exhaustive review of what needs to be done, but hopefully will make you think about your data and how you protect it. Have a good plan, practice your plan and make sure it works.